A really strong password is one that nobody else has ever used. Always use unique passwords !
After earlier warning against the risky behaviour being used in the choice of passwords, a new survey has highlighted the lack of vigilance by internet users worldwide. Too many careless internet users with a single password
Following a 2012 study by researcher Joseph Bonneau [1], an IFOP survey for Dashlane on password security has found equally alarming results. The survey showed that only 9% of French people thought that using the same password on every internet site is risky behaviour.
Furthermore, 42% of French people always use the same password. The results are slightly better in the United States, where 30% of internet users use 10 or more passwords to access their information. In the UK, however, 55% of people never change their password.
A figure to remember in relation to this information is that a weak password of eight characters or less only has a lifespan of seven days. A password is weak if it can be guessed easily : « 123456 », « abc123 », « password »... but « p@$$word », « 0123456y », and « LETMEin3 » are equally awful. Read the article: Anatomy of a hack - How crackers ransack passwords like « qeadzcwrsfxv1331 ». Very instructive article.
As a result of this study, Dashlane presents a strong argument in convincing us to use their service, or to take a more security-conscious approach to generating passwords.
The fact remains that the results are revealing, especially among young people. 58% of people under the age of 25 use the same password mulriple times, compared to 39% of people over 35. 72% of people protect their administrative data, compared to 80% of older people.
So, should people use Dashlane, 1Password or Lastpass? Not necessarily, even if these solutions have their advantages.
The important thing is not only that passwords are different for each site, but that they are also strong. Dictionary words are to be absolutely avoided, even when combined with numbers. Ideally, the password should not correspond to any expression, in any language.
As a reminder, this article (creating a perfect password) aims to educate the public on the need to strengthen passwords and to maintain a minimum level of online security, as well as offering some solutions for more secure passwords.
Notes
[1] Etude University of Cambridge - The science of guess: Analyzing an anonymized corpus of 70 million passwords (format PDF)
[2] Etude IFOP pour Dashlane (format PDF)
[3] Credits photo : Ron Bennetts (Creative Commons By-SA)